Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 

Current Page: 1 of 1
Results 1 - 5 of 5
4 years ago
Ams
How about this: <style /><a href="}html{a:\65\78\70\72\65\73\73\69\6f\6e\28\61\6c\65\72\74\28\39\29\29}">text</a>
Forum: Obfuscation
4 years ago
Ams
Hello, I want to share with some small research made by me and my friend Bagie. Here is the text: http://www.0x416d73.name/pub/chm_res.txt (english) - files attached are here: http://www.0x416d73.name/pub/chm_research.tar.gz And here blog post: http://www.0x416d73.name/articles/27 (russian)
Forum: Full Disclosure
5 years ago
Ams
I am not top visitor of xssed.com :) If bug is out for a year this only proves that they are even not grepping their logs. What to say, sadly.
Forum: Full Disclosure
5 years ago
Ams
I have found vulnerabilities on iso.org and sent two notification letters. First was sent through web-contact form for technical purposes - no reply, no fixed code. After 5 days second e-mail was sent to manager, but also no reply and no actions taken. I was waiting for reply for one week. So, holes are still up and there. Looks like they are too busy to take care about security of such site. Any
Forum: Full Disclosure
5 years ago
Ams
Why not to try explicitly send referrer in headers? Don't say it's impossible until you check.
Forum: CSRF and Session Info
Current Page: 1 of 1